Greetings,
You wrote:
> An Army
> officer wrote a memo describing his concerns over the loss of DoD
> involvement in what used to be validation of compilers.
I'm sure the vendors can discuss details of the validation process. I
don't have concrete data for you, but I'll sketch an argument for your
second point:
> B) why conformance testing is not a major factor in end-system reliability.
First, compare validation of Ada compilers against validation of
compilers for any other language. (Is there any?)
I would point out that compiler validation has, at most, a very small
effect on the reliability of the delivered product. This is influenced
far more by careful engineering, and proven by intelligent testing. After
all, developer errors are far more common than compiler bugs.
If the engineering processes and testing strategies are strong enough to
provide confidence in the face of typos, mental bobbles and occasional
bad decisions, they are certainly strong enough to provide confidence
while using a less-than-validated compiler. Indeed, any weapon system
developed with C or Jovial must have been able to do so.
Conversely, if a project is so structured that lesser validation creates
a real potential for reduced quality, that project will probably be quite
helpless in the face of the human errors that are certain to occur anyway.
Validation reduces the risk that you will have to work around some
unfixed problem with the compiler. Robert Dewar (IIRC) has pointed out
that another useful benefit is ensuring that your compiler vendor really
understands the language specification and is dedicated to correctly
implementing it.
But validation has never been significantly involved in the quality of
the object code. You can pass garbage code through any validated compiler.
I hope this is a useful perspective.
Best,
Sam Mize
--
Samuel Mize -- [log in to unmask] (home email) -- Team Ada
Fight Spam: see http://www.cauce.org/ \\\ Smert Spamonam